Latest News

An Organization Is Only as Secure as Its Weakest Link: Why API Security Shouldn't Be Overlooked

In the modern digital age, cybersecurity has never been more crucial — or more challenging. As organizations become more connected and reliant on technology, their attack surfaces expand. The classic adage, “An organization is only as secure as its weakest link,” has never been more relevant. APIs are the backbone of the digital age: they connect everything (customers, vendors, partners) and power most of today's technology, including GenAI.

Securing Patient Privacy: Techniques for De-identifying Healthcare Data

Protecting patient privacy is vital in the healthcare industry. The rise of digital records has made safeguarding sensitive information more challenging. De-identifying healthcare data ensures compliance with regulations like HIPAA while protecting patient information. Key concepts include PHI (Protected Health Information), de-identification, and the safe harbor method.

Why Patching Isn't the Ultimate Goal in Cybersecurity

A recent analysis by JPMorganChase criticized the CVSS scoring process, finding missing context leads to misleading prioritization. When it comes to cybersecurity, patching vulnerabilities often feels like the Holy Grail. Get those CVEs patched, and you’re safe, right? Well, not exactly. As we know, patching isn’t as straightforward—or as effective—as we’d like to believe.

Operational Resilience Deadlines Are Coming Soon

With increasing cyber threats, data breaches, and the rapid pace of digital transformation, operational resilience has become a top priority for financial institutions. As we begin 2025, this is especially true in the UK, because of new regulations going into effect. Regulatory bodies like the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and the Bank of England have introduced stringent rules to safeguard the stability and resilience of the financial services sector.

Smarter ticket handling with AI and the new wave of orchestration

In this guest post, Connor Brewer, Principal Solutions Architect at Uzado - a Canadian-based IT and security service provider - showcases an innovative IT help desk app built with AI in Tines, which boasts countless other potential applications. For many IT and security teams, outdated orchestration and automation solutions create more challenges than solutions.

Securing the Digital Future: AppSec Best Practices in Digital Banking

On November 12th, 2024, at the Pavilion Hotel in Kuala Lumpur, Snyk’s Field CTO, Pas Apicella, delivered an insightful presentation at the Digital Banking Asia Summit 2024 in Malaysia. Titled, ‘Securing the Digital Future: Best Practices for Application Security in Digital Banking’, his talk focused on actionable strategies to address pressing challenges in the financial services industry.

Sysdig is recognized as a Customers' Choice in Gartner Voice of the Customer for Cloud-Native Application Protection Platforms

As the adoption of cloud-native technologies like containers, Kubernetes, and microservices has evolved, traditional security solutions have struggled to keep up. According to the Sysdig Threat Research Team (TRT), the average time it takes an attacker to perform reconnaissance and complete an attack is just 10 minutes. To help teams outpace attackers, cloud-native application protection platforms have emerged.

5 trust trends shaping security strategies in 2025

Trust is critical to the success of every business. And in 2024, we saw that building, scaling, and demonstrating trust is getting more difficult for organizations. Vanta’s second annual State of Trust Report uncovered key trends across security, compliance, and the future of trust. Based on a survey of 2,500 IT and business leaders in the U.S., UK, and Australia, our research found that more than half (55%) of organizations say that security risks for their business have never been higher.

How To Achieve Zero-Standing Privilege in Your Organization

Your organization can achieve zero-standing privilege by following best practices such as enforcing least privilege access, implementing Just-in-Time (JIT) access and continuously monitoring and auditing privileged access. Following these best practices ensures that privileged access is granted only when necessary, and for the shortest duration possible, significantly reducing your organization’s attack surface and enhancing overall security.

Credential Phishing Increased by 703% in H2 2024

Credential phishing attacks surged by 703% in the second half of 2024, according to a report by SlashNext. Phishing attacks overall saw a 202% increase during the same period. “Since June, the number of attacks per 1,000 mailboxes each week has increased linearly,” the researchers write. “Currently, we are capturing close to one advanced attack per mailbox each week. As we reach the 1,000 threshold, this translates to nearly one advanced attack for every single mailbox each month.